Cybersecurity Bill Fails Today In US Senate 72
wiredmikey writes "A development following the recently posted story Senate Cybersecurity Bill Stalled By Ridiculous Amendments — The Cybersecurity Act of 2012 failed to advance in the US Senate on Thursday. The measure was blocked amid opposition from an unusual coalition of civil libertarians — who feared it could allow too much government snooping — and conservatives who said it would create a new bureaucracy. The bill needed 60 votes in the 100-member Senate to advance under rules in the chamber, but got only 52. The failure came despite pleas from Obama and top US defense officials. The US Chamber of Commerce argued that the bill 'could actually impede US cybersecurity by shifting businesses' resources away from implementing robust and effective security measures and toward meeting government mandates.'"
The free market will fix it (Score:0, Insightful)
Just keep the government out of the way and the companies themselves will take care of it. No need for worries.
Re:we already got a thread (Score:5, Insightful)
It does nothing to enforce real security. Instead, it enshrines another layer of surveillance and privacy-reduction in law - with an enforcement arm that will be rewarded by stopping "cyber-threats" like using a UK proxy to watch the Olympics online. Then, like under the DMCA you can be treated like a terrorist.
https://www.eff.org/deeplinks/2012/03/dangerously-vague-cybersecurity-legislation [eff.org]
Re:Not unusual to to blocked by anyone (Score:2, Insightful)
If you think conservatives are civil libertarians then I have no idea what to say to you.
Today's conservatives believe for absolute freedom of corporations that that's it. They have absolutely no care for any other freedoms save MAYBE the 2nd amendment. They don't care about any individuals rights... just whatever gets their corporate buddies a bit more money.
Re:The free market will fix it (Score:3, Insightful)
Just keep the government out of the way and the companies themselves will take care of it. No need for worries.
Yes!
We should have let:
Enron take over energy policy,
Madoff take over social security,
Lehman Brothers take over mortgages,
and so on
The free market is perfect and always optimizes (someone's wallet).
Re:we already got a thread (Score:4, Insightful)
Did you actually expect the government to improve security? These are the same people who keep telling us that the TSA makes us safer. For the most part, congresspeople don't even understand the most basic aspects of meatspace security. How could they possibly understand cybersecurity, which is orders of magnitude more complex? If you asked all of the U.S. Congress what a buffer overflow is, you would probably have fewer than twenty people who could answer the question, and I would not be entirely surprised if not a single one of them could answer it. And I can just about guarantee that none of them could construct even the most basic threat assessment for even the most simple network protocol.
No, Congress will create an organization whose job it is to understand it, but they'll give it a mission statement that is entirely perpendicular to anything that would actually improve cybersecurity. Then, when things don't improve, they'll say that it needs more funding. All the while, they'll be siphoning off hundreds of millions of dollars to overpriced contractors in their districts so that when they leave the public sector, they'll have cushy consulting jobs waiting for them. Sadly, this is the way Congress usually does things. They don't take the time to understand the issues, and instead let a bunch of lobbyists write laws that almost invariably only serve to make the problem worse.
For this reason, government is almost never the answer to this sort of thing. Industry standards bodies are. Until our congresspeople are clueful enough to understand that cybersecurity is fundamentally a problem caused by bugs in software, not a social problem caused by evil, malicious "hackers", they cannot possibly do anything but cause harm. Improving cybersecurity by trying to catch the hackers is like protecting a chicken coop by trying to catch all the wolves in the country. There will always be more wolves. What the coop needs is not traps, but rather walls and fences. Similarly, the only way government can usefully improve cybersecurity is by hiring computer security experts to serve as a cybersecurity swat team that does nothing but review code and software designs upon request from government agencies, private businesses, and open source projects. That level of scrutiny is useful. Anything else is a waste of time, money, and civil liberties, with no hope whatsoever of positively affecting our nation's cybersecurity.